Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ea32206-4683-4bc7-99bf-9cc4a2958d84.roa
File: 8ea32206-4683-4bc7-99bf-9cc4a2958d84.roa (raw, json)
Hash identifier: tdQ7Hl2T3IzUhwzJ7wa3YUUcEpIxIQFWeEN3aD3I0wU=
Subject key identifier: AE:CF:6B:64:E3:22:6C:9A:DF:14:11:4C:88:2C:16:1C:15:06:98:BE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 54E813A5890E1985552E5CC8B0318176DA068AB4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ea32206-4683-4bc7-99bf-9cc4a2958d84.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:5000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:e8:13:a5:89:0e:19:85:55:2e:5c:c8:b0:31:81:76:da:06:8a:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:0f:bc:10:26:3b:99:9f:17:df:c9:a9:4a:4c:
a0:03:86:90:3a:0f:4c:e0:15:d6:1f:50:85:05:0f:
5e:87:5c:dd:9f:0e:d0:74:1a:75:45:8b:42:25:67:
8d:31:2b:b5:32:9f:d2:04:40:cd:23:7b:f6:3b:98:
9f:b9:b1:31:54:14:5d:32:15:51:92:24:8d:78:d8:
dd:0d:81:57:34:25:4f:0d:71:62:96:50:c0:e7:ec:
fa:83:38:66:b4:16:81:ea:70:ae:07:cf:dc:f8:b4:
17:ef:2d:b7:d2:98:5d:fa:de:33:af:4c:1a:cf:2b:
92:67:c5:eb:a3:d6:e4:e1:60:e2:70:8c:30:ba:62:
d6:06:1b:89:d0:a8:dc:1b:3a:84:eb:c7:2a:0c:a6:
9a:68:34:50:84:a3:db:24:d1:65:7c:db:fe:6c:97:
31:ea:5a:6f:0d:66:b0:54:18:14:ed:c9:09:f6:9c:
dd:aa:9d:76:e1:3b:ff:63:c7:94:45:f4:3b:f5:9b:
89:73:8d:02:b0:a9:93:e0:cb:98:9b:e4:c1:c7:69:
0f:b1:0e:ad:d6:cd:88:80:12:3b:f7:e1:f2:be:0f:
47:8d:88:bb:6c:c2:23:5f:42:cd:bc:9d:e9:5d:5e:
38:34:fc:69:01:1e:ac:cc:29:b5:02:b5:34:63:d7:
27:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:CF:6B:64:E3:22:6C:9A:DF:14:11:4C:88:2C:16:1C:15:06:98:BE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8ea32206-4683-4bc7-99bf-9cc4a2958d84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:5000::/40
Signature Algorithm: sha256WithRSAEncryption
2a:8a:fe:dc:37:7d:5f:1b:5e:bb:47:a7:75:b1:33:66:2f:12:
dc:89:61:fb:7c:4f:16:34:57:05:72:44:77:9d:a7:61:61:e4:
39:2d:8b:3d:a3:d7:ce:14:9c:ac:fa:88:9e:22:07:43:97:3f:
53:98:0e:f2:8e:0a:ff:c0:ea:7b:e6:2d:2e:1c:c3:47:75:4d:
4d:7b:8d:84:66:69:12:74:56:c9:5b:3d:f0:48:8d:c1:1b:92:
34:7c:fc:a0:31:12:b3:67:d4:7b:88:0a:e1:ec:e5:cd:56:88:
50:bc:1d:08:a6:e3:a1:a4:f8:75:f2:b0:e8:6f:52:2c:ee:3a:
8f:d5:27:10:b2:0f:5b:eb:1d:08:20:0b:77:82:ce:4f:76:c2:
b7:24:1f:fd:f1:74:55:66:44:7d:6e:36:9b:18:51:7c:88:f5:
f4:dc:c8:dc:06:5e:81:18:3f:7c:c9:d2:7d:57:63:38:31:86:
df:6d:24:66:81:6e:28:af:7d:a9:9c:b0:c5:f6:fa:a5:01:0a:
98:2e:f8:a7:5f:6b:fc:ef:de:f4:10:f5:81:a2:13:e1:39:f1:
14:ca:25:94:04:50:3e:67:4b:ca:11:11:8c:cf:b0:e9:8f:da:
4a:56:5b:50:2d:30:50:9c:6c:74:40:ff:eb:90:de:75:e2:d5:
7f:b2:fd:cd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVOgTpYkOGYVVLlzIsDGBdtoGirQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGU4NzdkZTlhMjJkNDUxNzY4YTU4NzIxOWQwMGZjODQ2ZTFjMjIwOWEzNTRj
Nzk0MzBkNjJjMjA5NGJlZjU5YTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIgPvBAmO5mfF9/JqUpMoAOGkDoPTOAV1h9QhQUPXodc3Z8O0HQadUWLQiVn
jTErtTKf0gRAzSN79juYn7mxMVQUXTIVUZIkjXjY3Q2BVzQlTw1xYpZQwOfs+oM4
ZrQWgepwrgfP3Pi0F+8tt9KYXfreM69MGs8rkmfF66PW5OFg4nCMMLpi1gYbidCo
3Bs6hOvHKgymmmg0UISj2yTRZXzb/myXMepabw1msFQYFO3JCfac3aqdduE7/2PH
lEX0O/WbiXONArCpk+DLmJvkwcdpD7EOrdbNiIASO/fh8r4PR42Iu2zCI19Czbyd
6V1eODT8aQEerMwptQK1NGPXJ/8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSuz2tk
4yJsmt8UEUyILBYcFQaYvjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGVhMzIyMDYtNDY4My00YmM3LTk5YmYtOWNjNGEyOTU4ZDg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HdQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAqiv7cN31fG167R6d1sTNmLxLciWH7fE8WNFcF
ckR3nadhYeQ5LYs9o9fOFJys+oieIgdDlz9TmA7yjgr/wOp75i0uHMNHdU1Ne42E
ZmkSdFbJWz3wSI3BG5I0fPygMRKzZ9R7iArh7OXNVohQvB0IpuOhpPh18rDob1Is
7jqP1ScQsg9b6x0IIAt3gs5PdsK3JB/98XRVZkR9bjabGFF8iPX03MjcBl6BGD98
ydJ9V2M4MYbfbSRmgW4or32pnLDF9vqlAQqYLvinX2v87970EPWBohPhOfEUyiWU
BFA+Z0vKERGMz7Dpj9pKVltQLTBQnGx0QP/rkN514tV/sv3N
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:20:28 2025 by rpki-client